#!/bin/bash

# 将配置信息加载到 session 的环境变量中
source ../../config.ini

# 二进制文件拷贝
chmod +x ../../bin_files/cfssl/*
\cp ../../bin_files/cfssl/* /usr/local/bin

# ca 证书生成
cd ../certs/etcd
cfssl gencert -initca ca-csr.json | cfssljson -bare etcd-ca

# etcd 证书生成
\cp etcd-csr.json.template etcd-csr.json
sed -i "s/\$ETCD_IP_1/${ETCD_IP_1}/g" etcd-csr.json
sed -i "s/\$ETCD_IP_2/${ETCD_IP_2}/g" etcd-csr.json
sed -i "s/\$ETCD_IP_3/${ETCD_IP_3}/g" etcd-csr.json
cfssl gencert -ca=etcd-ca.pem -ca-key=etcd-ca-key.pem -config=ca-config.json -profile=etcd etcd-csr.json | cfssljson -bare etcd

# 移动生成的证书文件，还原 certs 目录
mv ./{etcd-ca.pem,etcd-ca-key.pem,etcd.pem,etcd-key.pem} ../../../install_etcd/certs/certs/
mv ./{etcd-ca.csr,etcd.csr,etcd-csr.json} ../../../install_etcd/certs/csr/
